·Hidden SendersDisplays email addresses that will not be displayed in their quarantine folder. These are automatically created when you delete a quarantined message. The quarantine folder tells you how many are hidden, and has a button to show the messages and allow you to manage them as you would any other message.

·White List * These are emails that will not be checked.These are the emails that you have released (Send) messages from in the past. This list is automatically generated from within SpamFilter ISP, however this allows you to see what is in there and delete an entry if you accidently “Sent” an email from an address that you didn’t want.

Domain Settings

·Managed DomainsDisplays the domains that your login is linked to. This allows you to manage the settings for all the domains that your account is linked to, also add alias’s for other domains. (Eg. Your company has 2 domains mydomain.com and myotherdomain.com.uk you can now have a single logon that gets the spam from all your addresses on both domains, likewise you can manage the settings on both (or as many as you like) domains.)

·User'sThis is a listing of the users that exist in your domain. Depending on your access level you can see there password, and click on it to logon as that user.

·Quarantine ReportThis is a report that will generate and send to all the users.Registered users (users that have a valid logon and password) can delete, send, or view the message from the email.Un-Registered users (users that do not have a valid logon and password) will get the same report except that they will not be able to delete, send, or view the message from the email until they register. The email includes a link that allows them to register the email address automatically. They will still receive the password in a follow up email automatically.

Black Lists

·Black List CountriesAllows the domain administrator to add/delete country codes to the SpamFilter ISP filter.

Thanks for haveing a look. I have emailed you back with details on setting up the site for you.

Also note.

I have added the functionality for domain admins to view all the spam for their domain. By default it only shows the email that is sent to users that have a valid login, or addresses that are in a users alias list. You can click the "Show all" button to see all quarantined item's for the domain. I did this as most spam in the quarantine area will be to non existent users, as the spammers are just trying to guess at addresses.

Quote {when you are in a quarantine email, have a direct button "Add to whitelist" and a button "Add to blacklist" }

I like this idea for the domain adminstrators only.

Normal users when they send an item, it automatically adds the sender to their personal whitelist. When they delete a message it adds the sender to their personal "Hide" list.

But I like the idea that a domain admin can add senders to the domain whitelist. and likewise add Senders to the domain blacklisted email.

Quote {quarantine report for a domain should be schedule by the domain webadministrator in the web interface, not from a VBS (with the whole mess it could go (ie proxy, auth, ...)) scheduled task}

I originally did it the way I have so that the domain administrator could control the timing of when the reports would send. However I could have this as a setting that they can set within the control panel "Settings". I will put this on my to do list.

Quote {possibility to have a quarantine template (online and report) that you can customize, and plus, have icons or pictures per domain (ie ini or xml conf. file for hosters)}

I am not 100% sure what you mean here. But if you are talking about what appears on the "Spamlist.asp" page then the header and footer are customizable, I am unsure of what else you would need to customize.

As for the report, if you are talking about the report that users will receive then that WILL be customizable, i just havent yet coded the settings to allow this, but it is very high on my to do list.

Quote {Can you give a sample report of what would be send to user as quarantine report ( jym at kajan . fr )?}

I will send you a sample for the user@tyrexpg.com.au I do have a "to do" to add to the report page the ability to send a test report, which would have an option to send the report to either a web page or your email address (Note the Email option wont work for SpamfilterISP testers as it will send the email to adminuser@tyrexpg.com.au)

Here is the current to do list in no particular order, Primary ones will be done first.

Primary

- Customizable email report.- Test Email report (To screen and to email)- Domain Logo. Ability to add them to content and email reports.- Customizable welcome email.- Email report to include "Delete All"- ability for domain admins to be able to add email/domain to domain white/black list.- ability to clone/merge settings from one domain to another. Allows domain admins to setup template domains.

Secondary

- scheduale email report delivery from domain setting, rather than using task scheduler.- Ability for user to extend auto delete period for an individual user. Perhaps rather than extend it the option to tag and deliver for an individual user.

The email report is now fully customizable. It is done from the "System Settings" Menu.

Also the "Quarantine Report" settings ( http://www.tyrexpg.com.au/Settings.asp?Setting=QuarRep ) Now have another link next to each domain so as you may run a test report of the quarantine report, without sending to all the users. I will code one to go to the administrators email address as well but this will be bumped down the list now, as there are a few more urgent sections and you can view it on screen.

Short TermDone! Customizable email report.Done! Customizable welcome email.Done! Test Email report (To screen)Done! Ability for a user to turn filtering on/off for their email addressDone! Email report to include "Delete All"• ability for domain admins to be able to add email/domain to domain white/black list from spamlist.asp page.

Medium Term• Domain Logo. Ability to add them to content and email reports.• ability for domain admins to be able to add email/domain to domain white/black list from spamlist.asp page.• ability to clone/merge settings from one domain to another. Allows domain admins to setup template domains.

Long Term• Ability for rejected sender to request addition to allow list.• scheduale email report delivery from domain setting, rather than using task scheduler.• Ability for user to extend auto delete period for an individual user. Perhaps rather than extend it the option to tag and deliver for an individual user.• Test Email report (To email)

I don’t know if you are still looking for feedback on the website you’re developing or “beta testers”, but if you are I’d be interested.

The site is very impressive. The only piece that we’ve had requests for that doesn’t seem to exist is the ability for a user to manually add email addresses (either one at a time or via an import) to their personal white lists.

Other than that and the things that were on your “to do” list it seems very complete.

Does this work with the “Enterprise” version or the “Standard” version, or both? Are there significant database changes required to implement this?

I see, so it is for the purposes of viewing the messages in quarantine only.

I have been asking Roberto if there is any way to do domains/aliases/catchall type addresses, at the server level.

We charge our clients on a per email address basis, which causes a couple of problems with the current spamfilter implementation so I was hoping you had done some magic that allowed true aliases.

We don't have any problem with allowing aliases or catch all. For example if you were andrew@widget.com and also sales@widget.com we would ideally like to charge you for only a single email address.

However the way it is currently I can't find a solution to do this with spamfilter.

Lets assume you are andrew@widget.com, we will give you an unlimited number of aliases no problem as it all goes into the same andrew mailbox.... but spamfilter can't do that unless there is some way to have spamfilter change the incoming aliases to actually go to andrew@widget.com.

Same is true for catchall type addresses (why anyone uses those is beyond me!). No objection to a catch all if messages could actually be directed to a specific address. Otherwise we end up ripping ourselves off.

Since your alias system is at the quarantine level, would you see any value in having the ability to do real aliases at the server level?

--------------------------------------------------------------
I am a user of SF, not an employee. Use any advice offered at your own risk.

Customer x signs up for your service. They say we have 20 users, so you charge them accordingly (Trust them), although they may have 30 valid email adresses (including groups, aliases, etc..) but your database will receive mail for a lot of other addresses as you have spammers guesing at addresses (johndoe@widget.com )

What I would suggest.

Do your billing based on the number of logon addresses for the web interface. In my daily email report i send a report to every email address that does not have a valid logon or exists on an alias, but does have email in its quarantine folder, letting them know that there are email in quarantine for them and they need to register to view/release. This gets them to pretty quickly register, allowing you to track the users. (See note below about the frequency of this email)

I think if you were to trial this billing method with your clients you would find that the ammount of logon's would be pretty close to the clients correct number (assuming they are telling you the truth).

For them to avoid paying you this they would need to create an logon that is either checked by one person or a group of people. This would be counter productive to any organisation as they would need to trust one person to sift through a LOT of messages, and potentially miss emails.

In my opinion the only way a company might consider centralizing the management of all the staffs email addresses is if they were very small ( 5 or less). And in this case you need to manage that client and ensure that the ammount they are being charged is value.

and several of my staff who have commonly misspelt (Brendan Brenden Brendon ) names have ones to cover them.

i would test this on your next client.

When they sign up ask them how many users they have and base your billing on that.

then after x period of time check how many logon email addresses they have that they have used within the last x months (I record the last login date/time at every logon) this will cover them against staff that have left.

Compare the amount that they have declared to you vs the ammount of active logons they have. if there is more than y% then you need to make the call as to whether you trust the client and manage accordingly. bearing in mind that your clients do not want to micro manage your service by notifying you of every staff add/delete but you do want a close to realistic number.

With the notifications to new email addresses i only send them three consecutive emails on the daily reports after that the email address is skipped untill the last notify was more than x days ago, this reduces the ammount of un-necessary emails being sent from the system.

As for the server knowing how many of the addresses are users, i can see no way to do this. Unless you are also providing the mailboxes and have these users in your active directory. Assuming that you are recieving the messages and then forwarding clean mail to there server. Then there is no possible way of telling the difference between a users email address vs an alias/group address.

What are you doing with the users outgoing emails. Do you provide them with an outgoing connection? if so then you could look at the reply email address and store these as most will have unique reply to's, this also allows you to filter and capture the receivers abnd add them to the users whitelist (eg if andrew@wdget.com sends a message to yapadu@somewhere.com then yapadu is added to andrew's whitelist, This would get around the worst complaint that i get from users which is why did yapadu@somewhere.com get quarantined when he has been allowed for the past 2 years. The reason may be that his message suddenly failed a keyword check but because he had never been caught, and released in the past he was never added to the whitelist. By capturing all the users outgoing email recipients and dynamically building a whitelist this allows you to be a lot more agressive with your filters.

The downside to providing an outgoing smtp is that you are greatly increasing the traffic through your server (note it doesnt need to be the same server that provides your incoming) and as such you are paying for that traffic data. So its a catch 22.

i am currently working on various idea's to this.

1. provide an outgoing with automatic capture of receivers emails. As detailed above.

2. Provide a small exe to the clients that periodically scans there active directory for the number of user accounts (excluding known bogies eg, administrator, iusr_xxx, etc..) it will also look at the exchange log and build a list of receivers that they have sent mail to. This will then connect to my server and update the clients records.

We don't host any mailboxes for users. All messages are cleaned & forwarded to their remote server. We don't offer any outbound at all, can imagine the spam complaints (and getting IP's banned) that would cause.

We charge on a per email address, every email address that receives email must be specifically defined in our GUI. If it is not defined, email is bounced so we don't care if it is a group list etc.

That is why we would like to provide 'free' aliases, only if we have a way to control the target mailbox ourselves and not rely on the recipient server to do it.

--------------------------------------------------------------
I am a user of SF, not an employee. Use any advice offered at your own risk.

There is no way that this can be done currently. It would be faily simple with the quarantined items as you would only need to replace the destination address with the actual user destination address and forward on for released messages.

However to do a lookup and replace on every clean message would be frought with problems (performance etc..) this is also sitting outside what we are there to do which is not alter the original message but simply filter out spam.

I think it would be very few clients that would understate there usernumber and if the users have individual logins then i would be surprised if any will activley avoid paying you a fair price.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot delete your posts in this forumYou cannot edit your posts in this forumYou cannot create polls in this forumYou cannot vote in polls in this forum